Skip to content
OpenClaw VPS
← Back to Home

Privacy Policy

Last updated: May 21, 2026

Privacy Summary

  • We collect only the information necessary to provide our services
  • We do NOT sell your personal data to third parties
  • Temporary credentials are handled only as needed to deliver support or setup
  • You can request access, correction, or deletion of your data at any time
  • OpenClaw VPS is an independent managed hosting service, not affiliated with the OpenClaw open-source project or its developers

1. Scope and Roles

OpenClaw VPS is a service operated by Strataga, LLC. In this Privacy Policy, "we," "us," and "our" refer to Strataga, LLC acting through the OpenClaw VPS service.

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our site, create an account, start a trial, buy a subscription, request support, or otherwise use the Services.

For website, account, billing, and support data, we generally act as the controller or business responsible for deciding how that personal information is used.

For customer-provided bot data, deployment inputs, credentials, uploaded files, or other information we process on behalf of a customer as part of a managed deployment, we generally act as a processor or service provider, and the customer remains responsible for the lawfulness of the data and instructions they provide.

2. Information We Collect

We may collect the following categories of information:

ACCOUNT AND CONTACT DATA: - name, email address, company name, and other contact details - login identifiers and account profile information - data received from sign-in methods such as email/password, Google, GitHub, or enterprise SSO

BILLING AND TRANSACTION DATA: - customer identifiers, subscription status, order history, invoices, invoice status, and payment-related metadata - default payment-method status, limited card or bank metadata supplied by our payment processor, and records of failed, past-due, disputed, paid, or missing-payment-method billing states - limited payment details handled by our payment processor; we do not store full card numbers, card security codes, or raw bank account numbers

SUPPORT AND COMMUNICATION DATA: - messages you send through forms, support chat, email, or other contact channels - scheduling or onboarding details you provide to us

DEPLOYMENT AND SERVICE DATA: - deployment identifiers, host metadata, infrastructure details, logs, restart history, configuration metadata, and support context - credentials, API keys, OAuth connection details, or tokens you choose to provide for setup or support

USAGE AND DEVICE DATA: - IP address, browser type, device data, operating system, approximate geolocation, referrer, and pages visited - product analytics and event data if analytics is enabled

ABUSE-PREVENTION DATA: - bot-detection and abuse-prevention signals, including Cloudflare Turnstile verification data

COOKIES AND LOCAL STORAGE DATA: - authentication/session cookies - cookie consent preferences - analytics identifiers if analytics is enabled

3. Where the Data Comes From

We collect information: - directly from you when you sign up, check out, contact us, or use the Services - automatically from your browser or device when you interact with our website or product - from third-party identity, billing, infrastructure, analytics, and communication providers that support the Services - from your integrations, deployment environment, or support interactions when needed to operate or troubleshoot a deployment

If you connect channels, integrations, AI/model providers, or third-party tools to OpenClaw, those providers may independently collect or process data under their own terms and privacy policies. We are not responsible for the privacy or security practices of third parties that receive data from you or your deployment.

4. How We Use Information

We use personal information to: - provide, operate, secure, and maintain the Services - create and manage accounts, subscriptions, trials, and billing records - provision or deprovision hosted deployments - authenticate users and manage access controls - pause, resume, delete, or restrict hosted runtime based on subscription, invoice, and payment-method status - respond to support requests and communicate with customers - investigate abuse, fraud, security incidents, or violations of our Terms - improve product performance, onboarding, support workflows, and reliability - send transactional messages such as confirmations, receipts, support responses, and service notices - comply with legal obligations and enforce our agreements

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

5. How We Share Information

We may share personal information with service providers and subprocessors that help us operate the Services, including providers for: - hosting and infrastructure - authentication and account management, including Better Auth and Convex-backed account systems - billing, payment-method management, invoices, receipts, payment recovery, and payments, including Stripe - email and communications, including Resend - analytics, including PostHog when analytics is enabled - abuse prevention and bot detection, including Cloudflare Turnstile - third-party sign-in providers such as Google or GitHub when you choose those login methods

We may also disclose information: - if required by law, legal process, or valid governmental request - to protect rights, property, safety, users, or the security of the Services - in connection with a merger, financing, acquisition, reorganization, or sale of assets

We do not disclose more information than is reasonably necessary for those purposes.

6. Cookies, Local Storage, and Analytics

We use a mix of cookies and browser storage technologies.

NECESSARY TECHNOLOGIES: - authentication and session cookies - security and abuse-prevention technologies - local storage used to remember cookie preferences and certain UI state

OPTIONAL ANALYTICS: - if enabled, we use analytics tools such as PostHog to understand product usage and improve the Services - analytics collection is subject to the choices made in our cookie consent banner where required

MARKETING COOKIES: - we do not currently use advertising or remarketing cookies on the site - if we introduce them in the future, we will update this Privacy Policy and obtain consent where required

You can control cookies through your browser settings, but disabling necessary technologies may affect site functionality.

7. Browser Signals and Do Not Track

Some browsers offer "Do Not Track" or similar privacy signals. We do not currently respond to those signals in a uniform way unless applicable law requires otherwise.

If we adopt support for browser-based privacy signals more broadly in the future, we will update this Privacy Policy to describe that behavior.

8. Data Retention

We retain information for as long as reasonably necessary to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, and protect the platform.

Examples: - account and subscription records: while the account is active and for a reasonable period afterward - billing, invoice, tax, payment-method-status, dispute, and payment-recovery records: as long as required by accounting, tax, legal, fraud-prevention, and dispute-resolution obligations - support communications and case history: as needed for support quality, dispute resolution, and abuse prevention - deployment, suspension, deletion, and operational audit records: as needed to operate the Services, resolve billing or support disputes, investigate abuse, and protect the platform - analytics data: according to our analytics settings and provider retention windows - temporary credentials or access material provided for support or setup: only for as long as needed to complete the work, then removed or rotated

We may keep de-identified or aggregated information after deletion of personal information.

9. Security

We use reasonable technical and organizational safeguards designed to protect personal information, including access controls, encrypted transport, operational logging, vendor controls, and security review practices.

No internet service is completely secure. We cannot guarantee that unauthorized access, disclosure, alteration, or destruction will never occur.

You are also responsible for securing your own devices, credentials, integrations, domains, and OpenClaw configuration.

10. International Transfers

We and our service providers may process personal information in the United States and other countries where we or our vendors operate.

If personal information is transferred across borders, we rely on appropriate transfer mechanisms where required by applicable law, such as contractual safeguards or equivalent legal protections.

11. Your Privacy Rights

Depending on where you live, you may have the right to request access to, correction of, deletion of, restriction of, objection to, or portability of your personal information.

You may also be able to: - withdraw consent where processing depends on consent - opt out of optional analytics or marketing communications - appeal a denial of a privacy request where applicable law requires an appeal process

We may need to verify your identity before fulfilling a request. You can submit privacy requests by emailing [email protected].

12. EEA, UK, and Similar Jurisdictions

If you are located in the EEA, UK, or another jurisdiction with similar privacy rights, our legal bases for processing generally include: - performance of a contract - legitimate interests in operating, securing, and improving the Services - consent, where required - compliance with legal obligations

You may also have the right to lodge a complaint with your local supervisory authority.

13. California and Similar State Privacy Laws

California residents and residents of other U.S. states with privacy laws may have rights to know what personal information we collect, access specific pieces of personal information, delete personal information, correct inaccuracies, and opt out of certain forms of data use.

We do not sell personal information and we do not share personal information for cross-context behavioral advertising.

You may exercise applicable rights by contacting [email protected]. We will not discriminate against you for exercising privacy rights protected by law.

14. Children's Privacy

The Services are not directed to children, and we do not knowingly collect personal information from anyone under 18.

If you believe a child has provided personal information to us, contact us and we will investigate and delete the information where appropriate.

15. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and may provide additional notice when appropriate.

Your continued use of the Services after the updated Privacy Policy takes effect means you accept the revised policy.

16. Contact

For privacy questions, requests, or complaints, contact:

[email protected]

Support-related questions can also be sent to:

[email protected]

Related Documents

Free plain-English PDF

Get the free DIY VPS checklist

Before you host an AI assistant yourself, learn the 10 common mistakes that cause downtime, lost keys, missed alerts, and painful recovery work.

Send me the free PDF

We will send the plain-English PDF on the 10 costly mistakes people make when hosting an AI assistant themselves, plus short follow-up tips. Unsubscribe anytime.